Apple responds to Rep. Markey on location

Apple has responded to a letter from U.S. Congressman Edward Markey about what it does with location data from iOS devices. While much of it is a rehash of the Q&A, Apple says there's an unnamed third-party that's getting some of the data.

Along with testifying in front of the U.S. Congress about location data tracking, Apple today responded to a letter from Rep. Ed Markey (D-Mass.) about the company's location data practices.

In a letter (PDF) signed by Bruce Sewell, Apple's general counsel and senior vice president of legal and government affairs, the company addressed seven questions from Rep. Markey that had been sent to Apple before it made that information public in its "Q&A on Location Data" document published late last month.

"I am pleased that after my letter Apple announced that its next iOS update would address several of the concerns I raised about the company's practices with respect to the collection, use and disclosure of location information," Markey said in a statement. "Specifically, Apple will encrypt location information stored on customers' iPhones and iPads and other Apple mobile devices and significantly shorten the amount of time location information is retained by the company."

Those changes appeared as part of a software update released by Apple in the middle of last week, exactly one week after the company's Q&A document came out announcing the changes, and outlining the company's stance on what it was doing with that information. Rep. Markey made special note about this document, saying that Apple's definition of tracking versus maintaining a database of Wi-Fi hotspots and cell towers nearby a user's location was vague.

"Such a distinction does not make much difference to consumers whose location could be pinpointed with great accuracy," Markey said. "While Apple states that 'some' of these hotspots and cell towers may be more than a 100 miles from a user's location, others may be much closer."

Apple maintains that this information is made anonymous as well as being encrypted before being sent back to the company over a Wi-Fi connection. The company then uses it as part of a crowd-sourced location database, part of which is downloaded to user devices, in order to help the phone more quickly calculate its location.

This is one area where Markey said he was unsatisfied based on one of Sewell's responses. In an answer to a question about whether the location information is being used with third-parties, Sewell said that the company does in fact have a "confidential relationship" with a development partner that it's sharing the data with:

In addition, with the goal of providing its customers with an improved traffic service, Apple has entered into a confidential relationship with one of its development partners and has shared with this partner subsets of the anonymous location information associated with automobile traffic data collected by Apple. Contractual confidentiality and non-disclosure restrictions protect this anonymous location information, and Apple's development partner is prohibited from sharing this information with any third parties. The terms of Apple's agreement with this development partner are confidential.

In his follow-up statement, Markey said that Apple "should make more details on this sharing arrangement known," and that he would be following up with the company about the matter.

Apple did not immediately respond to a request for comment on the identity of the third-party. CNET also reached out to Rep. Markey's office to see if the Congressman is drafting a follow-up letter in light of the response and items gleaned from today's hearing.